<?php	
	$db = new MySQL();   
	$table = "media_item";
	$id = $_GET['id'];	
	$mod = $_GET['mod'];
	$curpg = 1;
	if(isset($_POST["curpg"])) $curpg = $_POST["curpg"];	
	  	
	if(isset($_POST["cbidcat"])) $cbidcat = $_POST["cbidcat"];	
	
	$title = (isset($_POST["title"]))?$_POST["title"]:"";
		$title = str_replace("'", "\\'", $title);
		$title = str_replace("\\\'", "\\'", $title);	
	  
	$title_vn = (isset($_POST["title_vn"]))?$_POST["title_vn"]:"";
		$title_vn = str_replace("'", "\\'", $title_vn);
		$title_vn = str_replace("\\\'", "\\'", $title_vn);	
	
	$titleurl = myurl($title);
	  
	$linkto = (isset($_POST["linkto"]))?$_POST["linkto"]:"";
		$linkto = str_replace("'", "\\'", $linkto);
		$linkto = str_replace("\\\'", "\\'", $linkto);	
	
	$content = (isset($_POST["content"]))?$_POST["content"]:"";
		$content = str_replace("'", "\\'", $content);
		$content = str_replace("\\\'", "\\'", $content);
	
	$content_vn = (isset($_POST["content_vn"]))?$_POST["content_vn"]:"";
		$content_vn = str_replace("'", "\\'", $content_vn);
		$content_vn = str_replace("\\\'", "\\'", $content_vn);
	
	
	$meta_key = (isset($_POST["meta_key"]))?$_POST["meta_key"]:"";	
		$meta_key = str_replace("'", "\\'", $meta_key);
		$meta_key = str_replace("\\\'", "\\'", $meta_key);
	$meta_des = (isset($_POST["meta_des"]))?$_POST["meta_des"]:"";	
		$meta_des = str_replace("'", "\\'", $meta_des);
		$meta_des = str_replace("\\\'", "\\'", $meta_des);		
					     		
	if ($_POST["form_"]=="edit")
	{	
		
		if(isset($_GET['id']))
		{			
			$query="update $table set  idcat = '$cbidcat', title = '$title', title_vn = '$title_vn', titleurl = '$titleurl', linkto = '$linkto', content = '$content', content_vn = '$content_vn', meta_key = '$meta_key',  meta_des = '$meta_des' ";
			$query.=" where id='$id'";			
			$sql = $db->update($query);								
			$db->close();							
			echo "<script>location='?mod=".$mod."&act=list&idcat=$cbidcat'</script>";	
		
		}
		else{			
			// du lieu			
			//echo $image; die();
			$query="insert into $table ( idcat, title, title_vn, titleurl, linkto, content, content_vn, meta_key, meta_des ) ";
			$query.=" values ( '$cbidcat', '$title', '$title_vn', '$titleurl', '$linkto', '$content', '$content_vn', '$meta_key', '$meta_des'  )";
						
			$id = $db->insert($query);	
								
			$db->close();							
			echo "<script>location='?mod=".$mod."&act=list&idcat=$cbidcat'</script>";	}		
	}
	
	//delete 	
	if ( $_POST['form_']=="delete")
	{
		$listid=$_POST["listid"];
		$key_str =  substr($listid,0,strlen($listid)-1);
		$key = explode(',', $key_str);
		
		$strwhere="where id in ('".str_replace(",","','",$key_str)."')";	
					
		$query="delete from $table $strwhere";
		$sql = $db->delete($query);				
	
		$db->close();
		echo "<script>location='?mod=".$mod."&act=list&curpg=".$curpg."'</script>";	
	}
	
?>
